Fraudsters are continually finding new ways to lure members into disclosing their personal and financial information. Box Elder CU will help our members avoid potential scams by notifying members of any scams on our website. Be sure to check back often to stay informed about current scams.
“Phishing” increases by 600%
Criminal phishing (e-mail), smishing (text messaging) and vishing (telephone) attacks increased nearly 600 percent in 2009 according to the Anti-Phishing Working Group. Unsuspecting credit union members continue to respond to fraudsters who contact them through various methods to obtain their personal or financial information. These scams are well-designed to mimic legitimate organizations (including credit unions), so it’s often too late when members realize they’ve been swindled.
The following are examples of phishing requests mimicking credit unions:
“Your account has been temporarily suspended because of a security breach at our credit union. Please provide your information to our security department to reactivate your account.”
“Your credit card was suspended. Our customer service department needs your information to reinstate your card.”
“Your loan is delinquent. Payment is needed ‘immediately’ (over the phone).”
“You can receive a reduced interest rate on your loan. We need to confirm your information.”
This type of socially-engineered breach of personal or financial information is a potentially costly and devastating crime. Fortunately, losses can often be prevented through member awareness combined with sensible everyday practices.
NEVER respond directly to requests that purport to be from a credit union or any other company, no matter how urgent or persuasive the request. Instead, members should initiate the communication using the customer service number listed on their monthly statement to verify that the request is legitimate.
Holiday Fraud Prevention Tips for Credit Union Members
1. Ensure that receipts reflect the correct transaction amount
2. When performing a PIN transactions, ensure others are not capturing your PIN number
3. When using a debit card, you may select “credit”, which requires a signature and extends the $0 member liability under the Visa / MasterCard association rules
4. Review all accounts (checking, savings, credit card) activity daily
5. Lower your credit line limit during the holidays
6. When paper checks are converted at a merchant to an ACH, store voided checks safely to prevent counterfeit checks or unauthorized ACH transactions
7. Be suspicious of emails from unknown parties; don’t open the email or click any links within them
8. Access your credit union’s authorized website by typing the website into the address bar of web browser to avoid “spoofed” websites attempting to steal your information
9. Shop online with trustworthy merchants who require security information such as address verification and the CVV2/CVC2 number on the back of your card
10. When shopping in person or using an ATM, be aware of your surroundings and report any unusual activities to your credit union
11. Never leave your purse, wallet, or cards unattended
12. And finally, if an offer seems too good to be true, it probably is, so be cautious
NACHA Phishing Alert (11/12/2009) E-mail Claiming to be from NACHA
NACHA – The Electronic Payments Association has received reports that individuals and/or companies have received a fraudulent e-mail that has the appearance of having been sent from NACHA. See sample below.
The subject line of the e-mail states: “Rejected ACH Transaction.” The e-mail includes a link which redirects the individual to a fake web page which appears like the NACHA Web site and contains a link which is almost certainly executable virus with malware. Do not click on the link. Both the e-mail and the related Web site are fraudulent.
Be aware that phishing e-mails frequently have links to Web pages that host malicious code and software. Do not follow Web links in unsolicited e-mails from unknown parties or from parties with whom you do not normally communicate, or that appear to be known but are suspicious or otherwise unusual.
NACHA itself does not process nor touch the ACH transactions that flow to and from organizations and financial institutions. NACHA does not send communications to individuals or organizations about individual ACH transactions that they originate or receive.
If malicious code is detected or suspected on a computer, consult with a computer security or anti-virus specialist to remove malicious code or re-install a clean image of the computer system. Always use anti-virus software and ensure that the virus signatures are automatically updated. Ensure that the computer operating systems and common software applications security patches are installed and current.
Be alert for different variations of fraudulent e-mails.
Text Message Scam - 10/6/09
Box Elder Credit Union continues to be the target of a text message scam. A phony text message has been sent to random cell phones in our area stating that their Box Elder CU ATM card has been suspended. Many members have recognized the text message as a scam and have notified us immediately. PLEASE DO NOT CALL THE NUMBER OR RESPOND TO ANY TEXT MESSAGES.
Text Message Scam - 8/28/09
Box Elder Credit Union has been informed that a text message is being distributed to random cell phones with a message informing them that their ATM card has been suspended. The message instructs the recipient to call a phone number where they can enter personal information, such as their account number or credit/debit card number to reactivate their ATM card.
This is a fraudulent text message and phone number that have been setup to steal account information from financial customers.
Box Elder Credit Union will never solicit you for personal information, such as account number, credit/debit card numbers, passwords or PINS.
If you are a member and have disclosed your personal information contact us immediately at (435) 723-3437.